if (!sslAuthenticationOptions.IsServer)
{
// The IdnMapping converts unicode input into the IDNA punycode sequence.
- string punyCode = s_idnMapping.GetAscii(sslAuthenticationOptions.TargetHost!);
+ string punyCode = string.IsNullOrEmpty(sslAuthenticationOptions.TargetHost) ? string.Empty : s_idnMapping.GetAscii(sslAuthenticationOptions.TargetHost!);
// Similar to windows behavior, set SNI on openssl by default for client context, ignore errors.
if (!Ssl.SslSetTlsExtHostName(context, punyCode))
{
public partial class SslStream
{
- private static int s_uniqueNameInteger = 123;
-
private SslAuthenticationOptions? _sslAuthenticationOptions;
private int _nestedAuth;
try
{
_sslAuthenticationOptions = new SslAuthenticationOptions(sslClientAuthenticationOptions, remoteCallback, localCallback);
- if (_sslAuthenticationOptions.TargetHost!.Length == 0)
- {
- _sslAuthenticationOptions.TargetHost = "?" + Interlocked.Increment(ref s_uniqueNameInteger).ToString(NumberFormatInfo.InvariantInfo);
- }
_context = new SecureChannel(_sslAuthenticationOptions, this);
}
catch (Win32Exception e)
if (_lastFrame.HandshakeType == TlsHandshakeType.ClientHello)
{
// SNI if it exist. Even if we could not parse the hello, we can fall-back to default certificate.
- _sslAuthenticationOptions!.TargetHost = _lastFrame.TargetName;
+ if (_lastFrame.TargetName != null)
+ {
+ _sslAuthenticationOptions!.TargetHost = _lastFrame.TargetName;
+ }
if (_sslAuthenticationOptions.ServerOptionDelegate != null)
{
SslServerAuthenticationOptions userOptions =
- await _sslAuthenticationOptions.ServerOptionDelegate(this, new SslClientHelloInfo(_lastFrame.TargetName, _lastFrame.SupportedVersions),
+ await _sslAuthenticationOptions.ServerOptionDelegate(this, new SslClientHelloInfo(_sslAuthenticationOptions.TargetHost, _lastFrame.SupportedVersions),
_sslAuthenticationOptions.UserState, adapter.CancellationToken).ConfigureAwait(false);
_sslAuthenticationOptions.UpdateOptions(userOptions);
}
[InlineData(true)]
public async Task SslStream_TargetHostName_Succeeds(bool useEmptyName)
{
- string tagetName = useEmptyName ? string.Empty : Guid.NewGuid().ToString("N");
+ string targetName = useEmptyName ? string.Empty : Guid.NewGuid().ToString("N");
(Stream clientStream, Stream serverStream) = TestHelper.GetConnectedStreams();
using (clientStream)
Assert.Equal(string.Empty, client.TargetHostName);
Assert.Equal(string.Empty, server.TargetHostName);
- SslClientAuthenticationOptions clientOptions = new SslClientAuthenticationOptions() { TargetHost = tagetName };
+ SslClientAuthenticationOptions clientOptions = new SslClientAuthenticationOptions() { TargetHost = targetName };
clientOptions.RemoteCertificateValidationCallback =
(sender, certificate, chain, sslPolicyErrors) =>
{
SslStream stream = (SslStream)sender;
- if (useEmptyName)
- {
- Assert.Equal('?', stream.TargetHostName[0]);
- }
- else
- {
- Assert.Equal(tagetName, stream.TargetHostName);
- }
+ Assert.Equal(targetName, stream.TargetHostName);
return true;
};
(sender, name) =>
{
SslStream stream = (SslStream)sender;
- if (useEmptyName)
- {
- Assert.Equal('?', stream.TargetHostName[0]);
- }
- else
- {
- Assert.Equal(tagetName, stream.TargetHostName);
- }
+ Assert.Equal(targetName, stream.TargetHostName);
return certificate;
};
await TestConfiguration.WhenAllOrAnyFailedWithTimeout(
client.AuthenticateAsClientAsync(clientOptions),
server.AuthenticateAsServerAsync(serverOptions));
- if (useEmptyName)
- {
- Assert.Equal('?', client.TargetHostName[0]);
- Assert.Equal('?', server.TargetHostName[0]);
- }
- else
- {
- Assert.Equal(tagetName, client.TargetHostName);
- Assert.Equal(tagetName, server.TargetHostName);
- }
+ Assert.Equal(targetName, client.TargetHostName);
+ Assert.Equal(targetName, server.TargetHostName);
}
}
projects / platform / upstream / dotnet / runtime.git / commitdiff